IN THE CLAIMS
Please amend the claims as follows: 

Claim 1 (Currently Amended): A communication gateway apparatus to be coupled 
between a server and a client, comprising: 

a reception unit configured to receive a content transferred from the server to the
client;

an extraction unit configured to extract a script program from the received content; 

a storage to store transfer destination information representing a plurality of transfer 
destinations designated as authentic; 

an inspection unit configured to inspect the script program to detect that the script 
program has a function of transferring any one of information stored in the client and the 
received content, thereby identifying at least one transfer destination of the information; 

a determination unit configured to determine whether or not transfer of the content is 
permitted, by collating the identified transfer destination of the information with the plurality 
of transfer destinations of the destination information; and 

a transmission unit configured to transmit the content to the client only when the 
determination unit determines that transfer is permitted; 

wherein the information includes cookie information held in a Web browser running
in the client.

Claim 2 (Original): The apparatus according to claim 1, wherein the inspection unit 
identifies a plurality of transfer destinations of the information, and wherein the 
determination unit determines that transfer is permitted only if all the transfer destinations of 
the information are within the plurality of transfer destinations of the destination information. 

Claim 3 (Original): The apparatus according to claim 1, wherein the inspection unit is
further configured to output, if the transfer destination of the information is unidentifiable, an 
arbitrary transfer destination, and the determination unit determines that transfer of the 
content is not permitted. 

Claim 4 (Canceled). 

Claim 5 (Original): The apparatus according to claim 1, wherein the destination 
information includes any one of a list of permitted URLs and regular expressions. 

Claim 6 (Currently Amended): A communication gateway apparatus to be coupled 
between a server and a client, comprising: 

a reception unit configured to receive a content having an input form and transferred 
from the server to the client; 

an extraction unit configured to extract a script program from the received content; 

a storage to store transfer destination information representing a plurality of transfer 
destinations designated as authentic; 

an inspection unit configured to inspect the script program to detect that the script 
program has a function of changing a transmission destination of the input form, thereby 
identifying at least one changed transfer destination of the input form; 

a determination unit configured to determine whether or not transfer of the content is 
permitted, by collating the changed transfer destination of the input form with the plurality of 
transfer destinations of the destination information; and 

a transmission unit configured to transmit the content to the client only when the 
determination unit determines that transfer is permitted; 

wherein the information includes cookie information held in a Web browser running
in the client.

Claim 7 (Original): The apparatus according to claim 6, wherein the inspection unit 
identifies a plurality of changed transfer destinations of the input form, and wherein the 
determination unit determines that transfer is permitted only if all the changed transfer 
destinations of the input form are within the plurality of transfer destinations of the 
destination information. 

Claim 8 (Original): The apparatus according to claim 6, wherein the inspection unit is 
further configured to output, if the changed transfer destination of the input form is 
unidentifiable, an arbitrary transfer destination, and the determination unit determines that 
transfer of the content is not permitted. 

Claim 9 (Original): The apparatus according to claim 6, wherein the destination 
information includes any one of a list of permitted URLs and regular expressions. 

Claim 10 (Currently Amended): A communication gateway apparatus to be coupled 
between a server and a client, comprising: 

a reception unit configured to receive a content having a first input form and 
transferred from the server to the client; 

an extraction unit configured to extract a script program from the received content; 

a storage to store request destination information representing a plurality of request 
destinations designated as authentic; 

an inspection unit configured to inspect the script program to detect that the script
program has a function of requesting an external content having a second input form to be 
used in place of the first input form, thereby identifying at least one request destination of the 
external content; 

a determination unit configured to determine whether or not transfer of the content is 
permitted, by collating the identified request destination of the external content with the 
plurality of the request destinations of the destination information; and 

a transmission unit configured to transmit the content to the client only when the 
determination unit determines that transfer is permitted; 

wherein the information includes cookie information held in a Web browser running
in the client.

Claim 11 (Original): The apparatus according to claim 10, wherein the inspection
unit identifies a plurality of request destinations of the external content, and wherein the 
determination unit determines that transfer is permitted only if all the request destinations of 
the external content are within the plurality of request destinations of the destination 
information. 

Claim 12 (Original): The apparatus according to claim 10, wherein the inspection 
unit is further configured to output, if the request destination of the external content is 
unidentifiable, an arbitrary request destination, and the determination unit determines that 
transfer of the content is not permitted. 

Claim 13 (Original): The apparatus according to claim 10, wherein the destination 
information includes any one of a list of permitted URLs and regular expressions. 

Claim 14 (Currently Amended): A communication gateway apparatus to be coupled
between a server and a client, comprising: 

a reception unit configured to receive a content having a form and transferred from
the server to the client;

an extraction unit configured to extract a script program from the received content;

a storage to store request destination information representing a plurality of request 
destinations designated as authentic; 

an inspection unit configured to inspect the script program to detect that the script 
program has a function of requesting an external content having an input form to be inserted 
within the form, thereby identifying at least one request destination of the external content; 

a determination unit configured to determine whether or not transfer of the content is 
permitted, by collating the identified request destination of the external content with the 
plurality of the request destinations of the destination information; and 

a transmission unit configured to transmit the content to the client only when the 
determination unit determines that transfer is permitted; 

wherein the information includes cookie information held in a Web browser running
in the client.

Claim 15 (Original): The apparatus according to claim 14, wherein the inspection 
unit identifies a plurality of request destinations of the external content, and wherein the 
determination unit determines that transfer is permitted only if all the request destinations of 
the external content are within the plurality of request destinations of the destination 
information. 



Application No. 10/808,564 

Reply to Office Action of March 26, 2008 

Claim 16 (Original): The apparatus according to claim 14, wherein the inspection 
unit is further configured to output, if the request destination of the external content is 
unidentifiable, an arbitrary request destination, and the determination unit determines that 
transfer of the content is not permitted. 

Claim 17 (Original): The apparatus according to claim 14, wherein the destination 
information includes any one of a list of permitted URLs and regular expressions. 

Claim 18 (Currently Amended): A communication gateway apparatus to be coupled 
between a server and a client, comprising: 

a reception unit configured to receive a content transferred from the server to the
client;

an extraction unit configured to extract a script program from the received content; 

a storage to store transfer destination information representing a plurality of transfer 
destinations designated as authentic; 

an inspection unit configured to inspect the script program to detect that the script 
program has a function of adding an input form to the received content, and a function of 
transferring the input form, thereby identifying at least one transfer destination of the input 
form; 

a determination unit configured to determine whether or not transfer of the content is 
permitted, by collating the identified transfer destination of the information with the plurality 
of transfer destinations of the destination information; and 

a transmission unit configured to transmit the content to the client only when the 
determination unit determines that transfer is permitted; 

wherein the information includes cookie information held in a Web browser running
in the client.

Claim 19 (Original): The apparatus according to claim 18, wherein the inspection 
unit identifies a plurality of transfer destinations of the input form, and wherein the 
determination unit determines that transfer is permitted only if all the transfer destinations of 
the information are within the plurality of transfer destinations of the destination information. 

Claim 20 (Original): The apparatus according to claim 18, wherein the inspection 
unit is further configured to output, if the transfer destination of the information is 
unidentifiable, an arbitrary transfer destination, and the determination unit determines that 
transfer of the content is not permitted. 

Claim 21 (Original): The apparatus according to claim 18, wherein the destination 
information includes any one of a list of permitted URLs and regular expressions. 

Claim 22 (Original): The apparatus according to claim 1, further comprising: 

a document generation unit configured to generate a document by partially executing
the extracted script program, and wherein the extraction unit further extracts another script
program to be inspected from the document.

Claim 23 (Original): The apparatus according to claim 1, wherein when the 
determination unit determines that transfer is not permitted, the transmission unit transmits an 
error content to the client instead of the received content. 

Claim 24 (Original): The apparatus according to claim 1, wherein when the
determination unit determines that transfer is not permitted, the transmission unit transmits a 
message notifying that transfer is not permitted, to an account of an administrator. 

Claim 25 (Original): The apparatus according to claim 24, wherein the transmission 
unit adds at least the received content to the message and transmits the message. 

Claim 26 (Currently Amended): A method of affording security of communication 
between a vulnerable server and a client, comprising: 

receiving a content transferred from the vulnerable server; 
extracting a script program from the received content; 

inspecting the script program to identify a transfer destination of information, where 
transferring the information is caused by the client executing the script program; 

collating the identified transfer destination of the information with a permitted 
transfer destination list; and 

transmitting the received content to the client only if the identified transfer destination 
of the information, which includes cookie information held in a Web browser running in the
client, is within the permitted transfer destination list, so as to prevent the information from 
illicitly transferring to a malicious server. 

Claim 27 (Currently Amended): A computer program product for affording security 
of communication between a vulnerable server and a client, comprising: 

means for instructing a computer to receive a content transferred from the vulnerable
server;

means for instructing the computer to extract a script program from the received
content;

means for instructing the computer to inspect the script program to identify a transfer 
destination of information, where transferring the information is caused by the client 
executing the script program; 

means for instructing the computer to collate the identified transfer destination of the 
information with a permitted transfer destination list; and 

means for instructing the computer to transmit the received content to the client only 
if the identified transfer destination of the information, which includes cookie information
held in a Web browser running in the client, is within the permitted transfer destination list, 
so as to prevent the information from illicitly transferring to a malicious server. 
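
The following Python example is an added illustration, not part of the application or its claims, of the extract, inspect and collate steps recited in claims 1 to 3, 5 and 26. The allowlist entries, the `<unidentifiable>` sentinel, all function names and the statement-splitting heuristic are assumptions made here; the claims do not say how inspection is implemented.

```python
import re
from html.parser import HTMLParser

# Constructed allowlist: exact URLs plus regular expressions (claim 5).
ALLOWED_URLS = {"https://shop.example/track"}
ALLOWED_PATTERNS = [re.compile(r"https://static\.example/[\w/.-]*")]
UNIDENTIFIABLE = "<unidentifiable>"  # claim 3: never matches the allowlist
URL_LITERAL = re.compile(r"""["'](https?://[^"'?#\s]+)""")
ASSIGN = re.compile(r"^\s*(?:(?:var|let|const)\s+)?([A-Za-z_$][\w$]*)\s*=(?!=)")

class ScriptExtractor(HTMLParser):
    """Extraction unit: collect the bodies of inline <script> elements."""
    def __init__(self):
        super().__init__()
        self.scripts, self._inside = [], False
    def handle_starttag(self, tag, attrs):
        self._inside = tag == "script"
        if self._inside:
            self.scripts.append("")
    def handle_endtag(self, tag):
        self._inside = False
    def handle_data(self, data):
        if self._inside:
            self.scripts[-1] += data

def mentions(stmt, names):
    return any(re.search(r"(?<![\w$])" + re.escape(n) + r"(?![\w$])", stmt) for n in names)

def cookie_destinations(script):
    """Inspection unit: where statements that carry cookie data send it."""
    tainted, found = {"document.cookie"}, []
    for stmt in script.split(";"):  # simplification: not a real JS parser
        if not mentions(stmt, tainted):
            continue
        urls, copy = URL_LITERAL.findall(stmt), ASSIGN.match(stmt)
        if copy and not urls:
            tainted.add(copy.group(1))  # plain copy into a variable
        else:
            found.extend(urls or [UNIDENTIFIABLE])  # fail closed
    return found

def is_permitted(dest):
    return dest in ALLOWED_URLS or any(p.fullmatch(dest) for p in ALLOWED_PATTERNS)

def transfer_permitted(html):
    """Determination unit: forward only if every destination is allowlisted."""
    parser = ScriptExtractor()
    parser.feed(html)
    parser.close()
    dests = [d for s in parser.scripts for d in cookie_destinations(s)]
    return all(is_permitted(d) for d in dests), dests
```

`transfer_permitted` returns the decision together with the destinations it identified, so a gateway built this way could log them or attach them to an administrator notice of the kind claims 24 and 25 recite. Any statement that touches cookie data without a literal URL is reported as unidentifiable and blocks the content, which is deliberately conservative.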